package com.bzy.blp.shiro;

import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.alibaba.fastjson.JSON;
import com.bzy.common.bean.Result;
import com.bzy.common.util.LoggerUtil;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.UserFilter;

public class CustomUserFilter extends UserFilter {

	@Override
	protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
		// TODO Auto-generated method stub
		Subject subject = getSubject(request, response);
		boolean result = subject.isAuthenticated();
		if (subject.getSession(false) != null) {
			LoggerUtil.shiroLog("CustomUserFilter.java--isAccessAllowed--result=" + result + ", principal="
					+ subject.getPrincipal() + ", sessionId=" + subject.getSession(false).getId());
		} else {
			LoggerUtil.shiroLog("CustomUserFilter.java--isAccessAllowed--result=" + result + ", principal="
					+ subject.getPrincipal() + ", session is null!!!!!");
		}
		return result;
	}

	@SuppressWarnings("unused")
	@Override
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
		// TODO Auto-generated method stub
		HttpServletRequest httpServletRequest = (HttpServletRequest) request;
		boolean isAjax = "XMLHttpRequest".equalsIgnoreCase(httpServletRequest.getHeader("X-Requested-With"));
		isAjax = true;
		// if (isAjax) {
		// ClientSavedRequest savedRequest = new
		// ClientSavedRequest(WebUtils.toHttp(request));
		// SessionUtil.setSavedRequest(savedRequest);
		// redirectToLogin(request, response);
		// String loginUrl = getLoginUrl() + "?oauth_callback=" +
		// savedRequest.getRequestUrl();
		// LoggerUtil.shiroLog("ClientUserFilter.java--onAccessDenied--loginUrl="
		// + loginUrl + ", sessionId="
		// + SessionUtil.getSessionId());
		//
		// HttpServletResponse httpResponse = (HttpServletResponse) response;
		// httpResponse.setHeader("SESSIONSTATUS", "TIMEOUT");
		// httpResponse.setHeader("CONTEXTPATH", loginUrl);
		// httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
		// }

		Result result = null;
		Map<String, Object> infoMap = new HashMap<>();
		String type = httpServletRequest.getHeader("from");
//		if (StringUtils.isBlank(type)) {
//			type = httpServletRequest.getParameter("from");
//		}
//		if (StringUtils.isBlank(type)) {
//			result = new Result(Result.Result_Code.err_unknown);
//			outJsonpString(request, response, result);
//			return false;
//		}
		String hrefPrefix = "login.html";
		infoMap.put("href", hrefPrefix + "?type=" + type);
		infoMap.put("type", type);
		result = new Result(Result.Result_Code.err_notLogin);
		result.setData(infoMap);
		outJsonpString(request, response, result);
		return false;
	}

	private void outJsonpString(ServletRequest request, ServletResponse response, Result result) throws Exception {
		String callback = request.getParameter("callback");

		HttpServletResponse res = (HttpServletResponse) response;
		res.setHeader("Content-type", "text/html;charset=UTF-8");
		String msg = JSON.toJSONString(result);
		if (StringUtils.isBlank(callback)) {

			res.getOutputStream().write(msg.getBytes("UTF-8"));
		} else {
			String jsonp = callback + "(" + msg + ")";
			res.getOutputStream().write(jsonp.getBytes("UTF-8"));
		}
	}

}
